Conventional content protection mechanisms typically focus on protecting content while it is being transferred between systems and/or while it is stored on a system. For example, some conventional techniques provide mechanisms (with varying degrees of effectiveness) for securing the transmission and/or storage media itself, thus preventing, or at least resisting, malicious tampering or manipulation of the content. Other techniques concentrate on protecting the content directly—as opposed to the transmission and/or storage media—and make use of encryption and other technologies to make the content inaccessible, or at least practically unusable, while it is being transmitted or while it is stored.
A problem that arises, however, is that when content is released for use—for example, when stored audio content is decrypted and/or decompressed and played by a consumer—it is possible for an attacker to intercept the content and circumvent the content and/or transmission protection that was used. This is a serious problem, as most systems must remove the content protection at some point, since the content is typically of little use in its protected form.
One way to address this problem is to minimize the amount of time that the content is unprotected. For example, an audio file might be decrypted and/or decompressed by obscure drivers immediately before it is sent to the system's speakers or other output devices. This approach is not foolproof, however, as an attacker might simply record the audio output being played by the speakers, thus obtaining an unprotected (or less protected) copy of the content, albeit of somewhat lesser quality than the original. A more serious attack intercepts the content while it is still in digital form, before it is output to the user. For example, an attacker might insert or substitute a malicious software driver to intercept the content file as it is headed for an output device. The malicious driver might reroute and/or duplicate the unprotected content file, thus allowing the attacker to obtain a perfect digital copy of the content and/or to use the content in an unauthorized manner.